From Debian package 0.0.20080702-15 and 0.0.20080702-16 Mostly merged upstream in r3010 allow dovecot to connect to Mysql and PostgreSQL Allow dovecot_auth_t to create sockets labeled as dovecot_var_run_t, also allow chown capability to apply correct ownership dovecot_auth_client interface removed in 0.0.20090629-1, along with lda module
Index: policy/modules/services/dovecot.te
===================================================================
--- policy/modules/services/dovecot.te.orig
+++ policy/modules/services/dovecot.te
@@ -180,6 +180,7 @@
 # dovecot auth local policy
 #
 
+manage_sock_files_pattern(dovecot_auth_t,dovecot_var_run_t,dovecot_var_run_t)
 allow dovecot_auth_t self:capability { chown dac_override setgid setuid };
 allow dovecot_auth_t self:process { signal_perms getcap setcap };
 allow dovecot_auth_t self:fifo_file rw_fifo_file_perms;
@@ -304,3 +305,13 @@
 optional_policy(`
 mta_manage_spool(dovecot_deliver_t)
 ')
+
+optional_policy(`
+ mysql_tcp_connect(dovecot_auth_t)
+ mysql_stream_connect(dovecot_auth_t)
+')
+
+optional_policy(`
+ postgresql_tcp_connect(dovecot_auth_t)
+ postgresql_stream_connect(dovecot_auth_t)
+')
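Review bot: The added `manage_sock_files_pattern(dovecot_auth_t,dovecot_var_run_t,dovecot_var_run_t)` in the first hunk gives the auth domain the full manage set on every socket file labeled dovecot_var_run_t, not only the ones it creates. That presumably lets it unlink or rename sockets that other dovecot domains keep under the same type. If the goal is only to create and clean up its own sockets, as the description says, a narrower pair such as `create_sock_files_pattern(...)` and `delete_sock_files_pattern(...)` would fit better where the policy version provides them, or the auth sockets could get a type of their own. The rule also has no comment; something like `# auth daemon creates its sockets in the dovecot run directory` would record why it is there. The auth local policy section continues outside the hunk.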
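Review bot: The two `optional_policy` blocks added at the end of the file grant dovecot_auth_t both TCP and local-socket access to MySQL and PostgreSQL whenever those policy modules are present, whether or not the auth daemon is configured with an SQL backend. On hosts that authenticate against something else, this leaves a compromised auth process with a permitted path to the database that it never needed. Consider placing the calls under a boolean that defaults to off, so administrators enable database access only where SQL lookups are used. A short comment such as `# SQL-backed authentication lookups` above each block would also make the intent clear to later readers.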